Fix language and formatting in ChangeLog
Changed the formatting and language in the ChangeLog to the house-style.
diff --git a/ChangeLog b/ChangeLog
index b9d3a72..d70d19a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,13 +3,23 @@
= mbed TLS x.x.x branch released xxxx-xx-xx
Security
- * Fix overly strict DN comparison when looking for CRLs
- belonging to a particular CA. This previously lead to
- ignoring CRLs when the CRL's issuer name and the CA's
- subject name differed in their string encoding (e.g.,
- one using PrintableString and the other UTF8String) or
- in the choice of upper and lower case. Reported by
- HenrikRosenquistAndersson in #1784.
+ * Fix overly strict DN comparison when looking for CRLs belonging to a
+ particular CA. This previously lead to ignoring CRLs when the CRL's issuer
+ name and the CA's subject name differed in their string encoding (e.g.,
+ one using PrintableString and the other UTF8String) or in the choice of
+ upper and lower case. Reported by Henrik Andersson of Bosch GmbH in issue
+ #1784.
+ * Fix mbedtls_mpi_is_prime() to use more rounds of probabilistic testing. The
+ previous settings for the number of rounds made it practical for an
+ adversary to construct non-primes that would be erroneously accepted as
+ primes with high probability. This does not have an impact on the
+ security of TLS, but can matter in other contexts with potentially
+ adversarially-chosen numbers that should be prime and can be validated.
+ For example, the number of rounds was enough to securely generate RSA key
+ pairs or Diffie-Hellman parameters, but was insufficient to validate
+ Diffie-Hellman parameters properly.
+ See "Prime and Prejudice" by by Martin R. Albrecht and Jake Massimo and
+ Kenneth G. Paterson and Juraj Somorovsky.
* Fix a flawed bounds check in server PSK hint parsing. In case the
incoming message buffer was placed within the first 64KB of address
space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
@@ -30,8 +40,8 @@
Fixes #2069.
* Fix memory leak and freeing without initialization in the example
program programs/x509/cert_write. Fixes #1422.
- * Ignore iv in mbedtls_cipher_set_iv() when the cipher mode is MBEDTLS_MODE_ECB
- Fix for #1091 raised by ezdevelop
+ * Ignore IV in mbedtls_cipher_set_iv() when the cipher mode is
+ MBEDTLS_MODE_ECB. Found by ezdevelop. Fixes for #1091.
* Zeroize memory used for reassembling handshake messages after use.
* Use `mbedtls_zeroize()` instead of `memset()` for zeroization of
sensitive data in the example programs aescrypt2 and crypt_and_hash.
@@ -53,19 +63,6 @@
* Improve documentation of mbedtls_ssl_get_verify_result().
Fixes #517 reported by github-monoculture.
-Security
- * Fix mbedtls_mpi_is_prime() to use more rounds of probabilistic testing. The
- previous settings for the number of rounds made it practical for an
- adversary to construct non-primes that would be erroneously accepted as
- primes with high probability. This does not have an impact on the
- security of TLS, but can matter in other contexts with potentially
- adversarially-chosen numbers that should be prime and can be validated.
- For example, the number of rounds was enough to securely generate RSA key
- pairs or Diffie-Hellman parameters, but was insufficient to validate
- Diffie-Hellman parameters properly.
- See "Prime and Prejudice" by by Martin R. Albrecht and Jake Massimo and
- Kenneth G. Paterson and Juraj Somorovsky.
-
= mbed TLS 2.7.6 branch released 2018-08-31
Security